*** 2018/10/25 HotFix for the Identity Suite vApp for RNGD.
*** 2017/03/13 Edit: - Updated deck based on recent questions from customers.
- Entropy pumps should be added to any servers that uses security libraries, e.g. Directory Server, Database Servers, J2EE servers, and SSO/Siteminder Servers. Use a quick test to see if your servers need to have the OS entropy pump added.
watch -n 1 cat /proc/sys/kernel/random/entropy_avail
If the return value is less than 1000, then please think about adding an Entropy Pump to all of your server(s).
### Prior Note ###
Recently I was engaged to determine the root issue of a performance related question for Vmware Linux server and SiteMinder.
After reviewing the bookshelves, the JVM vendors site, and many google searches, I was able to determine that there is a common thread to performance issues with Vmware Linux and any software solution that uses cryptographic routines.
I have put together a deck on how to address performance for SiteMinder, IM JCS (IAMCS), Web App Servers (Weblogic/WebSphere/Jboss), and other solutions that may use TLS/SSL or generate certs, that are related to a depletion of the entropy pool (/dev/random) on a virtualized/headless Linux/Unix server.
Enjoy / YMMV.
*** 2013/09/29 Edit. After additional research via NIST site, I have re-ordered the alternative recommendations with regards to FIPS.
Enclosing updated deck
*** 2013/10/10 Edit. Added a very useful EGD daemon process to the deck. HAVEGED This entropy "pump" will use volatile states of the CPU / Clock from virtualized servers to give them "boost" to speed up startup times for StieMinder/J2EE (Jboss/Weblogic/Websphere).
*** 2013/11/01 Edit. Added business high level summary with current challenges about /dev/random.
*** 2016/09/29 - Refresh to bring this back to awareness. Please don't use a soft link from /dev/urandom to /dev/random. Why? OS Software update/upgrade may/will wipe away these settings. Please use an entropy pump daemon. Recommend either HAVEGD (clock-cycle version) or the OS RNGD daemons. Test your performance before and after, to amaze yourself.